Our team of global professionals will keep your organization ahead of the curve by keeping you abreast of the legal, regulatory, policy and legislative changes that will impact your business. We advise clients in all the legal, regulatory policy and legislative issues that have substantive impacts on the way the public and private sector manages information collection, storage, transfer and cybersecurity risks both before there is a breach and after it has occurred.
Our global team works collaboratively across multiple jurisdictions on a diverse range of local, regional and international issues in both developed and emerging markets, operating under very different data protection, privacy and cybersecurity regimes.
Why choose us
We pride ourselves on our industry knowledge and global reach, which enables us to coordinate and provide pragmatic, cost-effective advice on a multijurisdictional basis.
Our solid working relationships with governments and regulatory authorities around the world enable us to help you deal effectively with regulatory issues, shape changing policies and react to legislative initiatives in this rapidly evolving area.
Data Privacy and Protection in the US
The US has traditionally taken a vertical approach to data protection, with a focus on specific sectors. However, recent developments at both federal and state levels indicate a move towards a more horizontal approach. We can share our expertise to ensure your data protection procedures are in compliance with state and federal requirements, and advise you in case of data breaches involving personally identifiable information (see below).
Data Privacy and Protection in the European Union and Other Major Markets
Our EU team offers a “one-stop shop” for any organization needing to address data protection and e-privacy issues in the EU. We have substantial experience advising clients in many sectors on compliance across the EU/EEA, including the evolving interpretation of existing e-privacy, data protection and data retention rules, and the implications of the significant legislative changes on the horizon at EU level. Our country experts have substantial experience advising multinational clients on how to prepare for and respond to data breaches involving personal data (see below) as well as conflicts of laws involving access to personal data.
We also have data protection experts in virtually all of our other offices, including Russia, the Middle East and the Asia Pacific region. We are adept at providing multinational clients with advice on establishing regulatory compliance programs and data breach response plans that address the differing and sometimes conflicting requirements of the jurisdictions in which they operate.
Our global Cybersecurity team works across borders and practice specialties to deliver comprehensive and strategic advice and counsel on cybersecurity. We address cybersecurity and privacy issues, cyber theft and data breach prevention, as well as the liability stemming from data breaches and post-breach forensics.
Our experience with the broad swathe of policy, regulatory, legislative, legal, compliance and enforcement issues that impact risk management and cybersecurity means we can offer valuable and proactive advice to clients in critical infrastructure sectors such as banking and financial services, energy, telecommunications, information technology and health along with other industries impacted by cybersecurity concerns.
The Emerging Role of Regulators and Cybersecurity
As cybersecurity risks grow exponentially around the world, regulators across the globe are looking at new ways to manage the risk. We bring a global view of what is happening in the emerging realms of cybersecurity in other countries including in the EU, Asia Pacific, Latin America and others. In many cases, we can help our global clients anticipate how emerging cybersecurity policies, regulations and laws are being debated around the world, and share best practices about what has worked and what happens. The increasingly connected nature of the globe dictates that corporations need teams like ours who have detailed experience in all of these matters.
As a result, that means we can help clients understand how proposed cyber changes will impact their current – and often complex and overlapping – regulatory regimes. For example, in the US, we work closely with the White House and relevant federal agencies. We also work with independent agencies including the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC), the Federal Energy Regulatory Commission (FERC) and entities like the North American Electric Reliability Corporation (NERC), as well as every committee jurisdiction in Congress.
We have similar capabilities in Brussels and key EU Member States, as well as in the Asia Pacific region, to help ensure global messaging, coordination and solutions.
Data Breach Preparedness and Response
Our team includes data breach experts with a proven track record of advising clients on data breach preparedness and response, at both local and international levels. Working closely with our litigation experts in key markets, we have developed a four-point program that covers the essential elements of sound data management, whether this involves personal information, intellectual property, commercially sensitive data, systems software or other business-critical data:
- Prepare and train
- Protect and prevent
- Detect and respond
- Recover and fortify
We work closely with technical security professionals and forensics experts on matters ranging from developing compliance and prevention programs, to drafting tailored data breach response plans and coordinating crisis management. You can also tap into our Financial Services Team’s expertise on issues relating to data and cyber breach insurance policies and claims.
- Airports and aviation companies
- Banking and financial service corporations
- Defense industrial base sector
- Energy companies (utility, pipeline, oil and gas)
- Government entities
- Higher educational institutions
- Hospital and healthcare organizations
- Information technology
- Insurance and reinsurance entities
- Internet companies
- Multinational companies
- Pharmaceutical companies
- Research institutions
- Retail outlets
- Telecommunication providers
- Transportation and infrastructure sectors (transit, ports/maritime, water/wastewater)